Correct answer:

Availability management is correct. Availability management is focused on making sure system resources, processes, personnel, and toolsets are properly allocated and secured to meet SLA requirements for performance. Availability management defines the objectives for the availability of IT services as well as how they will be measured, collected, reported, and evaluated.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Number of users is correct. Within IaaS, the number of users on a system is not relevant to the particular hosting model in regard to cloud resources. IaaS is focused on the infrastructure needs of a system or application. Therefore, a factor such as the number of users—which could affect licensing requirements, for example—would apply to the SaaS model, or in some instances to PaaS.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Billing is correct. With SaaS, billing records are typically made directly available to the cloud customer without the need for special arrangements or requests to the cloud provider.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Sox is correct. The Sarbanes-Oxley (SOX) Act specifies specific times for which financial records must be maintained and archived by an organization.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

SaaS is correct. With SaaS providing a fully functioning application that is managed and maintained by the cloud provider, cloud customers incur the least amount of support responsibilities themselves of any service category.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Six months is correct. SOC Type 2 reports are focused on the same policies and procedures, as well as their effectiveness, as SOC Type 1 reports, but they are evaluated over a period of at least six consecutive months rather than a finite point in time.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Notification is correct. The contract should include requirements for notification by the cloud provider to the cloud customer upon the receipt of such an order. This serves a few important purposes. First, it keeps communication and trust open between the cloud provider and cloud customers. Second, and more importantly, it allows the cloud customer to potentially challenge the order if they feel they have the grounds or desire to do so.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Dynamic is correct. With dynamic masking, production environments are protected with the masking process being implemented between the application and data layers of the application. This allows for a masking translation to take place live in the system and during normal application processing of data.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Continuous optimization is correct. Continuous optimization refers to the process of constant refinement of event discovery and collection, based on the changing application landscape and new and emerging threats.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Deployment management is correct. Deployment management involves the planning, coordinating, executing, and validating of changes and rollouts to the production environment. The main focus is on properly mapping out all steps required for a release and properly configuring and loading it. This typically involves coordination between the business owner, developers, implementation team, and those that will validate and test the release after implementation.

Incorrect answers:

All other answers choices are incorrect.